| Port No | 4000 |
| Service Name | W32.Witty.Worm |
| RFC Doc | 0 |
| Protocol | UDP |
| Description | This signature detects the propogation of W32.Witty.Worm |
| Reference Link | Port Number:4000 Service Name:W32.Witty.Worm Port:UDP |
| Attack | According to Symantec Resolution: Because the worm resides in memory only and is not written to disk, virus definitions do not detect this threat. Symantec Security Response recommends that you follow the steps described below to deal with this threat. 1. Obtain the patch for the vulnerability from http://blackice.iss.net/update_center/index.php. 2. Disconnect the affected system from the network. 3. Reboot the system to remove the threat from memory. 4. Apply the patch. 5. Reconnect to the network |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.